000029452 - How to create a new Log Collector lockbox within an RSA Security Analytics Windows Legacy Collector

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029452
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Windows Legacy Collector
RSA Version/Condition: 10.3.x
 
Issue

In some circumstances it may be necessary to create a new lockbox for the Log Collector in RSA Security Analytics.  An example of this would be when Event Sources cannot be added and the user is getting the error "Can't open lockbox." 

Resolution

Please note that all stored passwords for the event sources will need to be re-entered after the new lockbox is created.
 



  1. Login to the Windows Legacy Collector as an administrator.
  2. Make sure you can view the hidden folders in the system. 
  3. Move the files in C:\ProgramData\netwitness\ng\vault to a different directory
  4. Log in to the RSA Security Analytics UI and navigate to Administration -> Devices.
  5. Select the Log Collector device and click on View -> Config.
  6. Click on the Settings tab.
  7. Leave the "Old Lockbox Password" field blank and enter a new password in the "New Lockbox Password" field.
  8. Click Apply.
NotesTo create a new lockbox on a Local Collector refer to the knowledgebase article How to create a new Log Collector lockbox within RSA Security Analytics.

Attachments

    Outcomes